Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/D0CwZl-koESwbQ1Uba7fCKajLVQ.roa
File: D0CwZl-koESwbQ1Uba7fCKajLVQ.roa (raw, json)
Hash identifier: JHgoiHG0vy4APsscHBA/co9cKYAFZ/gX7WE2jOpol6U=
Subject key identifier: 0F:40:B0:66:5F:A4:A0:44:B0:6D:0D:54:6D:AE:DF:08:A6:A3:2D:54
Certificate issuer: /CN=e316318247d211841f9620a9a1130010ddb486f2
Certificate serial: 018E390B9957706F10A09ECC4EB26616ADF7
Authority key identifier: E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/D0CwZl-koESwbQ1Uba7fCKajLVQ.roa
Signing time: Wed 13 Mar 2024 18:20:45 +0000
ROA not before: Wed 13 Mar 2024 18:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 91.232.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 19:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:0b:99:57:70:6f:10:a0:9e:cc:4e:b2:66:16:ad:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e316318247d211841f9620a9a1130010ddb486f2
Validity
Not Before: Mar 13 18:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f40b0665fa4a044b06d0d546daedf08a6a32d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:42:06:4e:aa:7b:59:0a:14:a4:1b:1c:d4:f6:
24:7b:eb:dc:06:4d:60:6f:05:57:9a:8e:c6:bb:b1:
a5:16:43:e7:c7:00:f5:af:ea:d5:6b:c2:d1:7e:e5:
b6:ef:53:4a:d6:18:b2:81:26:5a:1b:29:ec:d8:29:
4d:12:c1:02:93:90:2c:20:a6:14:4d:44:6d:4d:c6:
3d:71:be:97:0a:bd:67:5b:ca:ca:8f:d0:4b:24:a6:
1b:c3:bc:6e:df:42:7f:19:1f:ab:96:e4:8c:97:d8:
6c:30:1d:44:12:41:41:ec:28:8e:0c:b8:d6:60:90:
d6:c3:22:d0:d0:40:b0:6e:a3:11:b7:f8:1c:29:56:
30:6b:2e:b3:8a:21:a2:22:2c:7d:c6:f0:6c:e5:66:
f7:38:3b:22:72:1e:a2:08:e9:44:76:23:1c:3e:de:
2d:5b:16:be:cc:d7:34:4f:e4:3d:12:56:13:a1:27:
c3:55:c6:60:49:4a:3d:7b:1c:2d:b7:2e:0f:9e:f8:
0b:18:e1:aa:62:de:ca:15:70:6e:c1:1f:30:b0:6e:
4d:41:93:8d:03:24:0f:51:e1:f6:28:81:e7:eb:4c:
13:46:6d:ef:51:94:05:74:26:39:16:86:64:ae:ce:
56:2f:fd:e2:16:89:cf:ff:4a:71:e8:de:ca:50:b2:
01:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:40:B0:66:5F:A4:A0:44:B0:6D:0D:54:6D:AE:DF:08:A6:A3:2D:54
X509v3 Authority Key Identifier:
keyid:E3:16:31:82:47:D2:11:84:1F:96:20:A9:A1:13:00:10:DD:B4:86:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xYxgkfSEYQfliCpoRMAEN20hvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/D0CwZl-koESwbQ1Uba7fCKajLVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/ee42bb-1e49-4c21-a4d6-ec287e1d37e5/1/4xYxgkfSEYQfliCpoRMAEN20hvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.103.0/24
Signature Algorithm: sha256WithRSAEncryption
07:3b:30:1a:54:7d:40:fa:ab:17:88:93:4d:e7:bc:a3:c1:7b:
5e:49:93:b3:92:a3:31:2a:e0:e0:c4:d1:b3:1b:d2:8e:c1:55:
10:1b:0e:57:43:c1:44:b0:5c:6b:c1:e4:ff:e5:3e:80:bc:b4:
86:ef:68:2f:fd:75:90:37:4a:4a:cd:3f:50:c2:5b:e4:fb:ba:
de:ee:d9:60:1e:bc:68:27:f6:df:69:cd:3e:0b:85:cf:78:ed:
72:45:79:bf:46:31:66:1a:f1:b5:8f:7f:16:fe:24:d2:6c:a2:
f9:e9:c9:81:98:68:3e:71:c6:56:71:ad:8e:0e:99:0b:28:4c:
2a:07:d3:b4:7e:58:26:cf:8e:52:ea:f1:98:26:9b:73:95:5e:
53:7b:ac:a4:7b:27:da:13:44:54:16:67:bf:4b:19:c8:de:5f:
f9:eb:22:06:d9:e7:66:8e:57:87:03:5e:45:b6:6e:71:c4:c7:
cb:f2:39:78:ff:d8:42:0b:63:d3:95:b7:12:08:ce:2d:92:5c:
18:a9:9b:ec:11:05:8e:24:73:f1:e6:05:c1:67:d3:fd:71:66:
b8:67:e4:a8:1e:c8:f2:f9:78:da:2d:8f:93:66:22:09:a9:b4:
07:67:01:fc:4a:4e:f8:85:77:64:07:4c:6c:e6:15:76:45:88:
21:ed:a3:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY45C5lXcG8QoJ7MTrJmFq33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTYzMTgyNDdkMjExODQxZjk2MjBhOWExMTMwMDEwZGRi
NDg2ZjIwHhcNMjQwMzEzMTgyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjQwYjA2NjVmYTRhMDQ0YjA2ZDBkNTQ2ZGFlZGYwOGE2YTMyZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0IGTqp7WQoUpBsc1PYke+vcBk1g
bwVXmo7Gu7GlFkPnxwD1r+rVa8LRfuW271NK1hiygSZaGyns2ClNEsECk5AsIKYU
TURtTcY9cb6XCr1nW8rKj9BLJKYbw7xu30J/GR+rluSMl9hsMB1EEkFB7CiODLjW
YJDWwyLQ0ECwbqMRt/gcKVYway6ziiGiIix9xvBs5Wb3ODsich6iCOlEdiMcPt4t
Wxa+zNc0T+Q9ElYToSfDVcZgSUo9exwtty4PnvgLGOGqYt7KFXBuwR8wsG5NQZON
AyQPUeH2KIHn60wTRm3vUZQFdCY5FoZkrs5WL/3iFonP/0px6N7KULIBcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9AsGZfpKBEsG0NVG2u3wimoy1UMB8GA1UdIwQY
MBaAFOMWMYJH0hGEH5YgqaETABDdtIbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYt
ZWMyODdlMWQzN2U1LzEvRDBDd1psLWtvRVN3YlExVWJhN2ZDS2FqTFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lZTQyYmItMWU0OS00YzIxLWE0ZDYtZWMyODdlMWQzN2U1
LzEvNHhZeGdrZlNFWVFmbGlDcG9STUFFTjIwaHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+hnMA0G
CSqGSIb3DQEBCwUAA4IBAQAHOzAaVH1A+qsXiJNN57yjwXteSZOzkqMxKuDgxNGz
G9KOwVUQGw5XQ8FEsFxrweT/5T6AvLSG72gv/XWQN0pKzT9Qwlvk+7re7tlgHrxo
J/bfac0+C4XPeO1yRXm/RjFmGvG1j38W/iTSbKL56cmBmGg+ccZWca2ODpkLKEwq
B9O0flgmz45S6vGYJptzlV5Te6ykeyfaE0RUFme/SxnI3l/56yIG2edmjleHA15F
tm5xxMfL8jl4/9hCC2PTlbcSCM4tklwYqZvsEQWOJHPx5gXBZ9P9cWa4Z+SoHsjy
+XjaLY+TZiIJqbQHZwH8Sk74hXdkB0xs5hV2RYgh7aNy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:18 2025 by rpki-client